ECEN5553 Telecom Systems
Dr. George Scheets
Week 6
Readings:
[11a] "Cybercrime: Dissecting the State of Underground Enterprise"
[11b] "A Call to Cyber Arms"
[12a] "The Compleat Story of Phish"
[12b] "Diplomatic and government agencies targeted in years-long cyberespionage operation"
[12c] "DDoS Attack Doesn't Spell Internet Doom"
Exam #1 Lecture 16, 24 September (Live)
No later than 1 October (Remote DL)
Outline 8 October 2014, Lecture 22 (Live)
No later than 15 October (Remote DL)
Outlines Received
due 8 October (local)
15 October (remote)
35 %
The Internet Is... a Security Nightmare
Bad things have been out there for years
Viruses, Worms, Trojans, Denial of Service, etc.
November 2, 1988 Internet Worm
Network shut down for 2-3 days
Took advantage of
  Unix buffer overflow problems
  Poor password choices
2009-2010 Stuxnet Worm
State sponsored?
Seemed to target Iran's nuclear bomb program

The Internet Is... a Security Nightmare
TCOM5223 Information Assurance Management
TCOM5233 Applied Information Systems Security
TCOM5243 Information Technology Forensics
"Remember, when you connect with another computer, you're connecting to every computer that computer has connected to." Dennis Miller, Saturday Night Live
Pros of Using the Internet
Any-to-Any Connectivity
It's Inexpensive (save $$$$)
Tons of valuable information available
Excellent marketing/sales tool

Cons of Using the Commodity Internet
Any-to-Any Connectivity puts all attached machines at risk
Slightly higher risk of Theft of Traffic
Tons of Worthless Information Available
No QoS guarantees or Guaranteed Bandwidth
May have trouble rapidly moving large files
May have trouble reliably moving time sensitive traffic
WARNING: SECURITY HAZARD!
802.3 Ethernet Packet Format
[Figure: frame layout. Field sizes in bytes: 7, 1, 6 (MAC Destination Address), 6 (MAC Source Address), 2, 40 (IPv6), 20 (TCP), 6-1440 (Data + Padding), 4 (CRC)]
Connectionless vs. Connection Oriented
Connectionless
* Packet delivery may be out of order
* Packet delivery NOT guaranteed
* Packets may be mangled
* End User's responsibility to fix any problems
Connection Oriented
* Packet delivery in order
* Packet delivery usually guaranteed
IP is Connectionless
[Figure: packet layout. Field sizes in bytes: 20 (IP), 20 (TCP), up to 1,460 (Data + Padding)]
I/O decisions based on IP address & look-up table.
Tables updated independent of traffic.
Wide Area Connectivity Options
Leased Line (a.k.a. Private Line) Network
Switches are byte aware
Circuit is assigned trunk BW via TDM
BW required is based on peak input rates
Route through system determined in advance.
Pricing function of distance & peak rate
Most expensive connectivity option
Highest quality connectivity option

Leased Line Usage
Revenues still around $34 Billion in 2009
Drop in Corporate
Increase in wireless backhaul
Figure Source: Insight Research, October 2004 Network World Article
Switched Ethernet LANs
[Figure: PCs attached to Switched Hubs and an Edge Router; link labels: 10/100 Mbps and 100, 1,000 Mbps]
Leased Lines
Telecom Carriers dedicate 320, 128, and 256 Kbps links for our sole use via Circuit Switching.
[Figure: Routers at OKC, Detroit and NYC joined by Leased Lines through the Carrier Leased Line Network]
Ex) Corporate Leased Line Connectivity
[Figure: Routers at OKC, Detroit and NYC attached to the Carrier Leased Line Network; link labels: 384 Kbps, 320 Kbps]
From/To   OKC   DET   NYC
OKC         -   144    76
DET        88     -    28
NYC       112    34     -
Ex) Corporate Leased Line Connectivity
How will company connect to Internet?
Configuration
  Every site connect locally?
  All sites connect thru, say, OKC?
Type of connection
  Leased Line
  DSL?
  Cable Modem?
  Other?
Ex) Internet thru OKC
[Figure: Routers at OKC, Detroit and NYC on the Carrier Leased Line Network, with an ISP attached; link labels: 384 Kbps, 320 Kbps, 640 Kbps]
From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -
How big should the pipe to the ISP be?
300 Kbps is outbound from ISP > 640 Kbps circuit needed.
Ex) Internet thru OKC
[Figure: Routers at OKC, Detroit and NYC on the Carrier Leased Line Network, with an ISP attached; link labels: 576 Kbps, 448 Kbps, 640 Kbps]
From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -
Need to bump size of other 2 pipes.
194/186 I/O @ NYC → 448 Kbps
278/166 I/O @ DET → 576 Kbps
WAN Design (Link Reduction)
Start with Traffic Matrix
Examine Full Mesh
Consider eliminating lightly used links
  Reroute affected traffic
Compare costs at each iteration

WAN Connectivity Options
Internet
Routers are packet aware
Datagrams are assigned trunk BW via StatMux
BW required based more so on average input rates
Each packet individually routed
MPLS enabled networks can use Virtual Circuits
Pricing a function of connection size & Possibly QoS if MPLS and/or DiffServ used
Ex) Commodity Internet Corporate Connectivity
Local Carriers dedicate bandwidth to our use. ISP provides random Packet Switched StatMux connectivity via datagrams.
[Figure: Routers at OKC, Detroit and NYC attached to the ISP Network]
Ex) Commodity Internet Corporate & Internet Connectivity
[Figure: Routers at OKC, Detroit and NYC attached to the ISP Network; link labels: 640 Kbps, 576 Kbps, 448 Kbps]
From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -
310/280 I/O @ OKC → 640 Kbps
194/186 I/O @ NYC → 448 Kbps
278/166 I/O @ DET → 576 Kbps
Ex) IP with QoS Corporate & Commodity Internet Connectivity
[Figure: OKC, Detroit and NYC attached to the Internet Service Provider Network; MPLS VC, OKC - Detroit; MPLS VC, NYC - OKC; link labels: 768 Kbps, 576 Kbps, 448 Kbps]
Detroit & NYC: No change.
OKC: Port Speed must be bumped to relay Detroit ↔ NYC corporate traffic.
From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -
Leased Line at OKC ↔ ISP
From/To   OKC   DET   NYC   ISP
OKC         -   144    76    60
DET        88     -    28    50
NYC       112    34     -    40
ISP       110   100    90     -
Outbound
  OKC→Det 144
  OKC→NYC 76
  OKC→ISP 60
  Det→NYC 28
  NYC→Det 34
Inbound
  Det→OKC 88
  Det→NYC 28
  NYC→OKC 112
  NYC→Det 34
  ISP→OKC 110
Total Outbound = 342 Kbps
Total Inbound = 372 Kbps
Leased Line Size > 744 Kbps
Leased Line = 768 Kbps minimum.
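The link sizes quoted on the preceding slides can be reproduced from the traffic matrix. This is an added example, not part of the original slides; it assumes the sizing rule implied by the slides' numbers (a line is the smallest multiple of 64 Kbps strictly greater than twice the busier direction's load), and the function names are illustrative.

```python
SLOT_KBPS = 64  # one byte-wide TDM slot at 8000 frames/s (6 slots = 384 Kbps on the slides)

# Traffic matrix from the slides, in Kbps: TRAFFIC[source][destination]
TRAFFIC = {
    "OKC": {"DET": 144, "NYC": 76, "ISP": 60},
    "DET": {"OKC": 88, "NYC": 28, "ISP": 50},
    "NYC": {"OKC": 112, "DET": 34, "ISP": 40},
    "ISP": {"OKC": 110, "DET": 100, "NYC": 90},
}

def line_size(load_a, load_b):
    """Assumed rule: smallest multiple of 64 Kbps strictly above 2x the busier direction."""
    need = 2 * max(load_a, load_b)
    return (need // SLOT_KBPS + 1) * SLOT_KBPS

def access_loads(site, matrix=TRAFFIC):
    """(inbound, outbound) Kbps when every flow to or from `site` uses its one access line."""
    outbound = sum(matrix[site].values())
    inbound = sum(row.get(site, 0) for row in matrix.values())
    return inbound, outbound

def hub_port_loads(hub, matrix=TRAFFIC, external="ISP"):
    """(inbound, outbound) Kbps at the hub port when corporate spoke-to-spoke
    traffic is relayed through the hub over virtual circuits (the MPLS slide)."""
    inbound, outbound = access_loads(hub, matrix)
    relayed = sum(kbps for src, row in matrix.items() for dst, kbps in row.items()
                  if hub not in (src, dst) and external not in (src, dst))
    # Relayed traffic enters the hub port once and leaves it once.
    return inbound + relayed, outbound + relayed

def full_mesh_sizes(matrix=TRAFFIC, sites=("OKC", "DET", "NYC")):
    """Dedicated line size for every pair of corporate sites."""
    return {(a, b): line_size(matrix[a][b], matrix[b][a])
            for i, a in enumerate(sites) for b in sites[i + 1:]}

if __name__ == "__main__":
    print("full mesh:", full_mesh_sizes())
    for site in TRAFFIC:
        print(site, access_loads(site), "->", line_size(*access_loads(site)), "Kbps")
    print("OKC port with relay:", line_size(*hub_port_loads("OKC")), "Kbps")
```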
Carrier Leased Line Network
Carrier reserves BW from pool for our use.
Ex) For a 384 Kbps connection, Cross-Connects assign 6 byte sized TDM time slots 8000 times/second = 6*8*8000 = 384 Kbps.
[Figure: Cross-Connects (Byte Aware), Trunks, Leased Line]
Internet Service Provider Backbone
ISP Routers assign BW for our use on Random, as needed basis via StatMux & Packet Switching.
[Figure: Routers (Packet Aware), Trunks, Leased Line, LANs]
Internet Service Provider Network
Corporate customers might attach via Edge Router & Leased Lines.
[Figure: Routers, Trunks, Leased Line, PC, WS]
Internet (Inside the Cloud) Example
Internet Router
100 Mbps Trunk
?? 1.54 Mbps Connections
P(Access Line is Active) = 10%
How many access lines can this switch support?